I have a 2 node test setup with pacemaker 1.1.15 and haproxy 1.5.18 running on cento 7. I have a running cluster with 2 floating IP address and the haproxy service is running as a clone. I need to add a new floating IP address and make changes to the haproxy.cfg for a new site. So far in my testing, after I add the new IP address and set the pacemaker constraint, the haproxy service fails to start. This takes all of the sites down. Once I restart pacemaker on both nodes everything comes back up again. How can I prevent the haproxy service from failing? The IP address I am going to add is the 10.x.x.189. You will see it has already been added in the below file outputs.

I have copied and pastes in several files. haproxy.cfg, then output from pcs status and lastly the pcs config output.

Thanks @lukastribus. I did get this to work sort of… What I did was; I stopped the passive node, added the float ip to the haproxy config, added the new floating IP address via cibadmin --query tmp.xml cmd then editing the file by adding in the new floating IP and running a cibadmin --replace --xml-file tmp.xml. I would need to fail over the cluster to the other node before the new IP would be active. But we are going to go down the path of rebuilding the configs with a “bind *:443” in the frontend part of the config since this is easier for future growth and maintainability.

@pderuiter Just enabling the transparent keyword on the bind line will do the same, and also works for IPv6, while net.ipv4.ip_nonlocal_bind applies to all IPv4 sockets on the system and does not have an IPv6 equivalent.